Page 30 of 236 results (0.014 seconds)

CVSS: 3.5EPSS: 0%CPEs: 23EXPL: 0

CVE-2014-2430 – mysql: unspecified DoS related to Performance Schema (CPU April 2014)

https://notcve.org/view.php?id=CVE-2014-2430

Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.36 y anteriores y 5.6.16 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Performance Schema. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66858 https://access.redhat.com/security/cve/C •

CVSS: 4.0EPSS: 3%CPEs: 22EXPL: 0

CVE-2014-0384 – mysql: unspecified DoS related to XML (CPU April 2014)

https://notcve.org/view.php?id=CVE-2014-0384

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.35 y anteriores y 5.6.15 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores relacionados con XML. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html https://access.redhat.com/security/cve/CVE-2014-0384 https://bugzilla.redhat.com/show_bug.cgi?id=1088133 •

CVSS: 5.0EPSS: 46%CPEs: 76EXPL: 1

CVE-2013-5704 – httpd: bypass of mod_headers rules via chunked requests

https://notcve.org/view.php?id=CVE-2013-5704

The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." El módulo mod_headers en el servidor de Apache HTTP 2.2.22 permite a atacantes remotos evadir directivas "RequestHeader unset" mediante la colocación de una cabera en la porción "trailer" de datos enviados con codificación de transferencia fragmentada. NOTA: el proveedor afirma que "esto no es un problema de seguridad en httpd como tal." A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2 http://marc.info/?l=bugtraq&m=143403519711434&w=2 http://marc.info/?l=bugtraq&m=144493176821532&w=2 http://martin.swende.se/blog/HTTPChunked.html http://rhn.redhat.com/errata/RHSA-2015-0325.html http://rhn.redhat.com/errata/RHSA-2015-1249.html http://rhn.redhat& • CWE-287: Improper Authentication •

CVSS: 5.8EPSS: 0%CPEs: 223EXPL: 0

CVE-2014-1501

https://notcve.org/view.php?id=CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. Mozilla Firefox anterior a 28.0 en Android permite a atacantes remotos evadir Same Origin Policy y acceder a archivos arbitrarios: URLs a través de vectores que involucran la selección de menú "Abrir enlace en una pestaña nueva". • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-21.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=960135 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 15%CPEs: 14EXPL: 0

CVE-2014-0098 – httpd: mod_log_config does not properly handle logging certain cookies resulting in DoS

https://notcve.org/view.php?id=CVE-2014-0098

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation. La función log_cookie en mod_log_config.c en el módulo mod_log_config en el Apache HTTP Server anterior a 2.4.8 permite a atacantes remotos causar una denegación de servicio (fallo de segmentación y caída de demonio) a través de una cookie manipulada que no es manejada debidamente durante truncado. • http://advisories.mageia.org/MGASA-2014-0135.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://marc.info/?l=bugtraq&m=141017844705317&w=2 http://marc.info/?l=bugtraq&m=141390017113542&w=2 http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/58230 http://secunia.com/advisories/58915 http: • CWE-125: Out-of-bounds Read •